Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-2869

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00303EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-59165

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00472EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:28 a.m.4 views

CVE-2023-6969

The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...

4.3CVSS5.9AI score0.00472EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:29 a.m.2 views

CVE-2025-22594

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hccoder Better User Shortcodes better-user-shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through = 1.0...

7.1CVSS7.2AI score0.00303EPSS
Exploits0References1
NVD
NVD
added 2025/01/09 4:16 p.m.3 views

CVE-2025-22594

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hccoder Better User Shortcodes better-user-shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through = 1.0...

7.1CVSS0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/09 3:39 p.m.4 views

CVE-2025-22594 WordPress Better User Shortcodes Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hccoder – Sándor Fodor Better User Shortcodes allows Reflected XSS.This issue affects Better User Shortcodes: from n/a through 1.0...

7.1CVSS7AI score0.00303EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 3:39 p.m.49 views

CVE-2025-22594

CVE-2025-22594 is a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Better User Shortcodes (Sándor Fodor). The issue affects versions up to 1.0; details beyond the basic description are not provided in the connected documents. Affected product: Better User Shortcodes. Root ca...

7.1CVSS7.2AI score0.00303EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.3 views

WordPress plugin Better User Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

7.1CVSS7.6AI score0.00303EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/07 10:32 a.m.3 views

WordPress Better User Shortcodes Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Better User Shortcodes versions = 1.0...

7.1CVSS6.1AI score0.00303EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/03/13 4:15 p.m.6 views

CVE-2023-6969

The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...

4.3CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/13 3:26 p.m.14 views

CVE-2023-6969 User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode

The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level...

4.3CVSS6.6AI score0.00472EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 3:26 p.m.60 views

CVE-2023-6969

CVE-2023-6969 affects the WordPress plugin User Shortcodes Plus. It is an Insecure Direct Object Reference in the user_meta shortcode caused by missing validation on a user-controlled key, allowing authenticated attackers with contributor-level access or higher to retrieve potentially sensitive u...

4.3CVSS5.9AI score0.00472EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

WordPress Plugin User Shortcodes Plus Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.3CVSS6.6AI score0.00472EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2024/02/26 12:0 a.m.12 views

User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode

Description The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

5.3CVSS6.3AI score0.00472EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/26 12:0 a.m.19 views

WordPress User Shortcodes Plus Plugin <= 2.0.2 is vulnerable to Insecure Direct Object References (IDOR)

Software User Shortcodes Plus Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-6969 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cc1bdd35256f Credits Francesco...

5.3CVSS6.5AI score0.00472EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/09/09 12:0 a.m.7 views

PT-2023-32827 · WordPress · User Shortcodes Plus

Name of the Vulnerable Software and Affected Versions: User Shortcodes Plus plugin for WordPress versions up to, and including, 2.0.2 Description: The issue is related to Insecure Direct Object Reference, which affects the user meta shortcode due to missing validation on a user-controlled key. Th...

5.3CVSS9.3AI score0.00472EPSS
Exploits0References8
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.5 views

WordPress 插件 SQL注入漏洞

WordPress Plugin is an open source application plugin for WordPress. WordPress plugin SP Rental Manager 1.5.3 and earlier versions exist SQL injection vulnerability, the vulnerability stems from the orderby parameter in the "/user/shortcodes.php" file is vulnerable to SQL injection attacks...

8.2CVSS7.6AI score0.01793EPSS
Exploits1References4
Rows per page
Query Builder